Overview
- Tenga says an unauthorized party accessed a single employee’s professional email, exposing customer email addresses and historical correspondence that may include order details or support inquiries.
- A company spokesperson told TechCrunch the review identified approximately 600 affected individuals in the United States, with direct notifications sent to those potentially impacted.
- The company reports no exposure of Social Security numbers, payment card details, or TENGA/iroha Store passwords.
- The compromised account sent spam with a suspicious attachment during a narrow window on February 12 between 12 a.m. and 1 a.m. PT, posing risk only if the file was opened then.
- Tenga reset the account’s credentials, enabled multi-factor authentication across systems, and urged customers to change passwords and watch for phishing while it investigates any non-U.S. impact.